[arch-general] [arch-dev-public] dropping tcp_wrapper support
Aaron Bull Schaefer
aaron at elasticdog.com
Tue Jul 19 11:44:09 EDT 2011
On Sat, Jul 16, 2011 at 3:23 PM, Loui Chang <louipc.ist at gmail.com> wrote:
>> > On 07/16/2011 08:06 PM, Peggy Wilkins wrote:
>> >> The annoucement suggests that a major reason for dropping support is
>> >> that it is "confusing" to end users. An easy solution to that is to
>> >> make a default hosts.allow file that says "ALL : ALL : ALLOW" out of
>> >> the box. Then those of use wanting to simply restrict access (useful
>> >> in many scenarios) can change that default as needed.
>
> I think it makes sense to have only one place to control traffic, makes
> things a little simpler. tcp_wrappers is like a helper program for
> beginner users to control traffic, but you can most likely find a
> program that would help beginners to create iptable rules. I don't use
> them so I can't advocate any particular program though.
I haven't used it myself, but Uncomplicated Firewall (UFW) is
available in the Community repository and looks like a simple
alternative way to get going.
https://wiki.archlinux.org/index.php/Firewalls#ufw
...and there are a handful of other similar firewall configuration
tools listed on that page as well. Just thought it might be useful to
point out for people following this thread.
--
Aaron Bull Schaefer
http://elasticdog.com/
More information about the arch-general
mailing list